package ace.module.oauth2.server.core.impl.properties;

import ace.module.oauth2.callback.contract.feign.Oauth2AceAuthenticationCallbackFeign;
import ace.module.oauth2.server.api.model.dto.ext.Oauth2AceAuthResultDetailDto;
import java.util.List;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.core.oidc.OidcScopes;

/**
 * @author caspar
 * @date 2023/2/10 9:21
 */
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
@ConfigurationProperties(prefix = Oauth2ServerSecurityProperties.PROPERTIES_PREFIX)
public class Oauth2ServerSecurityProperties {

  public static final String PROPERTIES_PREFIX = "ace.security.oauth2.authorization.server";

  /**
   * 已注册的oauth2 客户端
   */
  private List<RegisteredClientsProperties> registeredClients;

  /**
   * 已注册用户信息,内存实现是使用
   */
  private List<AceUserProperties> users;

  /**
   * oauth2 自定义登录实现接口地址
   */
  private List<OAuth2LoginProviderProperties> loginProviders;

  /**
   * {@link Oauth2AceAuthResultDetailDto} 类型的json字符串，用于测试 {@link Oauth2AceAuthenticationCallbackFeign} 的测试接口
   */
  private String loginByGrantTypeOutputJson;


  /**
   * 已经注册的客户端
   */
  @Data
  @NoArgsConstructor
  public static class RegisteredClientsProperties {

    /**
     * 客户端id
     */
    private String clientId;

    /**
     * 客户端密钥
     */
    private String clientSecret;

    /**
     * 客户端验证方法 {@link ClientAuthenticationMethod}
     */
    private List<String> clientAuthenticationMethods;

    /**
     * 授权流程 {@link AuthorizationGrantType}
     */
    private List<String> authorizationGrantTypes;

    /**
     * 重定向url
     */
    private List<String> redirectUris;

    /**
     * one of {@link OidcScopes}
     */
    private List<String> scopes;
  }

  @Data
  @NoArgsConstructor
  public static class OAuth2LoginProviderProperties {

    /**
     * 认证类型
     */
    private String grantType;
  }

  /**
   * 已经注册用户信息
   */
  @Data
  @NoArgsConstructor
  public static class AceUserProperties {

    /**
     * id
     */
    private String id;

    /**
     * 租户id
     */
    private String tenantId;

    /**
     * 应用id
     */
    private String appId;

    /**
     * 账户名
     */
    private String username;

    /**
     * 密码
     */
    private String password;

    /**
     * 权限
     */
    private List<String> authorities;
  }
}
